import { BrowserPolicy } from 'meteor/browser-policy-common';

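/**
 * Configures the framing policy once at server startup.
 *
 * Environment variables read:
 *   BROWSER_POLICY_ENABLED - the restrictive branch runs only when this is
 *                            exactly the string 'true'.
 *   TRUSTED_URL            - origin that is allowed to embed Wekan in an iframe.
 *   MATOMO_ADDRESS         - Matomo URL; read here but currently not applied.
 */
Meteor.startup(() => {
  if (process.env.BROWSER_POLICY_ENABLED === 'true') {
    // Trusted URL that can embed Wekan in an iframe.
    const trusted = process.env.TRUSTED_URL;

    // Start from "no framing at all"; this remains the effective policy
    // when no trusted origin is configured.
    BrowserPolicy.framing.disallow();

    // Inline scripts stay allowed, otherwise errors show up in the browser
    // console. The stricter content rules below are intentionally disabled.
    //BrowserPolicy.content.disallowInlineScripts();
    //BrowserPolicy.content.disallowEval();
    //BrowserPolicy.content.allowInlineStyles();
    //BrowserPolicy.content.allowFontDataUrl();

    // Relax the deny-all rule only when TRUSTED_URL is actually set, so an
    // unset or empty variable is never passed on as the allowed origin.
    // NOTE(review): restrictToOrigin is expected to emit an X-Frame-Options
    // ALLOW-FROM header, which current browsers do not honor; confirm whether
    // a CSP frame-ancestors rule is also needed for the restriction to hold.
    if (trusted) {
      BrowserPolicy.framing.restrictToOrigin(trusted);
    }
    //BrowserPolicy.content.allowScriptOrigin(trusted);
  } else {
    // Browser policy disabled: all framing and including is allowed.
    // Use only on an internal LAN, not on the Internet.
    // Any value other than 'true' (including an unset variable) lands here,
    // so allowing all framing is the default.
    BrowserPolicy.framing.allowAll();
    //BrowserPolicy.content.allowDataUrlForAll();
  }

  // Allow all images from anywhere
  //BrowserPolicy.content.allowImageOrigin('*');

  // If Matomo URL is set, allow it.
  // The allow-rules are commented out, so this branch is currently a no-op.
  const matomoUrl = process.env.MATOMO_ADDRESS;
  if (matomoUrl) {
    //BrowserPolicy.content.allowScriptOrigin(matomoUrl);
    //BrowserPolicy.content.allowImageOrigin(matomoUrl);
  }
});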